﻿<!--#include file="inc/conn.asp"--><% 
Function RemoveHTML(strHTML) 
Dim objRegExp, Match, Matches 
Set objRegExp = New Regexp 
objRegExp.IgnoreCase = True 
objRegExp.Global = True 
'取闭合的<> 
objRegExp.Pattern = "<.+?>" 
'进行匹配 
Set Matches = objRegExp.Execute(strHTML) 
' 遍历匹配集合，并替换掉匹配的项目 
For Each Match in Matches 
strHtml=Replace(strHTML,Match.Value,"") 
Next 
RemoveHTML=strHTML 
Set objRegExp = Nothing 
End Function 

   id=request.form("id")
      username=request.form("usrname")
	  code=request.form("code")
	  nid=request.form("nid")
if nid="" then
nid=0
end if
if request.form("anonymous")="1" then 
   username="匿名网友"
end if
function changechr(str) 
    changechr=replace(replace(replace(replace(str,"<","&lt;"),">","&gt;"),chr(13),"<br>")," ","&nbsp;") 
    changechr=replace(replace(replace(replace(changechr,"[sayyes]","<img src="),"[b]","<b>"),"[red]","<font color=CC0000>"),"[big]","<font size=7>") 
    changechr=replace(replace(replace(replace(changechr,"[/sayyes]","></img>"),"[/b]","</b>"),"[/red]","</font>"),"[/big]","</font>") 
end function
if username="" then
response.write("<script>alert('请填写你的网名!');history.go(-1)</script>")
response.end
end if
if request.form("content")="" then
response.write("<script>alert('内容没有输入!');history.go(-1)</script>")
response.end
end if
if code="" then
response.write("<script>alert('请输入验证码!');history.go(-1)</script>")
response.end
end if
If CStr(Session("GetCode")) <> CStr(code) Then
response.write("<script>alert('验证码错误!');history.go(-1)</script>")
response.end
 Else
 codepass = False
 'Session("GetCode")=empty
 End If
content=request.form("content")
if instr(content,"吊") or instr(content,"他妈的") or instr(content,"强奸") or instr(content,"搞死")or instr(content,"奸")or instr(content,"作爱") or instr(content,"做爱") or instr(content,"他妈的") or instr(content,"操你妈") or instr(content,"共产党")or instr(content,"法轮功")or instr(content,"法轮") or instr(content,"大法") or instr(content,"gcd") or instr(content,"GCD") or instr(content,"干") or instr(content,"性欲")or instr(content,"脱") or instr(content,"日你妈") or instr(content,"SB") or instr(content,"sb") or instr(content,"傻比") or instr(content,"傻B")or instr(content,"骚") or instr(content,"SB")or instr(content,"操") or instr(content,"嬲") or instr(content,"性交") or instr(content,"狗屎") or instr(content,"屎")or instr(content,"政治")or instr(content,"垃圾") or instr(content,"操") or instr(content,"妈B")then
response.write("<script>alert('请注意：您的评论含有非法或不健康内容!');history.go(-1)</script>")
response.end
 end if 
if len(request.form("content"))>2000 then  
response.write("<script>alert('评论字节不能超过2000!');history.go(-1)</script>")
response.end
end if   
content=request.form("content")
content=RemoveHTML(content)
CID=request.form("id")
IP=Request("REMOTE_ADDR")
   set rs=server.createobject("adodb.recordset")
   sql="select * from Reply"
   rs.open sql,conn,3,2
   rs.addnew
   rs("username")=username
   rs("CID")=id
   rs("content")=content
   rs("date")=Now()
   rs("ip")=ip
   rs("nid")=nid
   rs.update
   rs.close
response.redirect "comment.asp?id="&request("id")
response.end
%>